


ABSTRACT 



A method and apparatus of communicating information comprising providing a datum which includes a digital certificate containing data. The digital certificate includes an extension which includes: a first identifier which specifies a major classification of the data; a second identifier which specifies a minor classification of the data; and data in a format according to the major classification and the minor classification, the data indicating an owner of the datum and a use for which the datum is intended. The certificate allows authentication of the certificate itself and the data contained therein, and the data contained in the certificate can include information allowing verification of the identity of the holder of the certificate.

47 Claims, 8 Drawing Sheets 
DIGITAL CERTIFICATES CONTAINING MULTIMEDIA DATA EXTENSIONS

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to information storage and authentication thereof. Specifically, the present invention relates to a method and apparatus for storing multi-media information in digital certificates, for example, those conforming to Recommendation X.509 for authentication and security of directory services.

2. Background Information

As electronic resources proliferate, corresponding increases in the demands placed upon such resources for applications such as electronic commerce also will increase. Electronic commerce requires the authentication of users and other data prior to the performance of transactions. That is, it requires that a level of trust be established prior to the performance of transactions. Currently, some methods are lacking in the establishment and maintenance of such trust.

Some prior art solutions for the establishment and maintenance of a level of trust are in existence in the prior art. One of these includes the CCITT Recommendation X.509: The Directory - Authentication Framework (1988). This standard sets forth a protocol wherein certain data are contained in a "digital certificate" which allows the authentication of a user prior to allowing access to a directory. A variety of models are set forth in this standard; however, certain minimum information, a validity date range, and an accompanying digital signature, which is used to sign the certificate, are used to authenticate users prior to access to directories being granted.

The digital certificate typically assumes that certain levels of trust have already been established from higher levels in a directory hierarchy known as a certification path. A certification path need not be hierarchical, but typically is. In addition, the digital certificate described in Recommendation X.509 has been amended to specify extensions which may be used for stronger authentication. See, Draft Technical Corrigenda 2 and 3 to Recommendation X.509, ISO/IEC 9594-8. These specify extensions which may be included in digital certificates without modifying the ASN.1 type certificate specified above. No provision has been made in this standard or others of which Applicant is aware in the prior art which sets forth an authentication framework for data by itself, which also includes identifying information, such as that provided in the X.509 standards, for electronic commerce and/or identification, which incorporates many of the modern data formats. These data formats include, but are not limited to, audio, video, or executable program information. Thus, what is required is an authentication framework which allows the transmission of a variety of data types, but yet allows authentication of such data for various applications, such as modern forms of electronic commerce.

Thus, the prior art of multimedia storage and retrieval suffers from several deficiencies.

SUMMARY OF THE INVENTION

A method and apparatus of communicating information comprising providing a datum which includes a digital certificate containing data. The digital certificate includes an extension which includes: a first identifier which specifies a major classification of the data; a second identifier which specifies a minor classification of the data; and data in a format according to the major classification and the minor classification, the data indicating an owner of the datum and a use for which the datum is intended. The certificate allows authentication of the certificate itself and the data contained therein, and the data contained in the certificate can include information allowing verification of the identity of the holder of the certificate.

The data includes a first portion which is in a first format according to the major classification. The data includes a second portion which is in a second format according to the minor classification. The major classification specifies a basic use of the certificate. The minor classification specifies a specific type of the certificate.

The basic use of the certificate may include identification or payment by a credit account. The data can include a logo, a signature of a holder of the certificate, a picture, sound, or video. The data can also include biometric information allowing stronger authentication that the holder of the certificate is the person to whom it was issued. The biometric information can include a fingerprint, retinal scan, or hand geometry information.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention is illustrated by way of example and not limitation in the figures of the accompanying drawings, in which like references indicate similar elements.

FIG. 1 illustrates the flow of a certificate containing multimedia extensions from a certificate medium to a transaction for authentication and use.

FIG. 2 shows a system in which embodiments of the present invention may be implemented.

FIG. 3 shows the format of an extended X.509 digital certificate.

FIG. 4 shows a more detailed view of an extended X.509 digital certificate.

FIG. 5 shows the format of extension fields in an X.509 digital certificate.

FIG. 6 shows a template extension for storing multimedia extensions in embodiments of the present invention.

FIG. 7 shows an example of an identification template extension.

FIG. 8 shows a second example of an identification template extension.

FIG. 9 shows an example of a credit card template extension.

FIG. 10 shows a process which is used for authenticating using certificates containing multimedia extensions.

FIG. 11 shows the details of a process which checks the extensions of a digital certificate.

FIG. 12 shows the details of a process which uses an extended digital certificate for an identification application.

FIG. 13 shows the details of a process which uses an extended digital certificate for a credit card payment application.

DETAILED DESCRIPTION

The implemented embodiments of the present invention include a system which includes multimedia data in digital certificates. Although the present invention will be described with reference to certain specific embodiments thereof, including data structures, processes, etc., it can be appreciated by one skilled in the art that these specific details are disclosed herein for a complete understanding of the present invention, and do not limit its scope. It can be appreciated by one skilled in the art that many departures and other modifications of the implemented embodiments of the present invention may be performed by one skilled in the art. This invention can be practiced without these specific details.

FIG. 1 illustrates the use of a digital certificate. A medium 120 provides a digital certificate 125 with extensions to a transaction system 100. Medium 120 may be any device in which a certificate may be stored, according to the application. For example, this medium may include magnetic tape, a disk drive on a computer system, a credit card "on-a-chip", or other medium for storing information. Different media may be used according to whether a transaction is performed on-line, via the use of a certificate at a point-of-sale system, or for other applications, such as identification, such as a driver's license or passport. Transaction system 100 receives the digital certificate, and a certificate application 110 (which is resident in memory of transaction system 100 during runtime) processes the certificate to determine authenticity and perform the transaction according to the application's requirements. Receipt of the digital certificate may be accomplished via a certificate input device, or over a communication medium, for example, telecommunication channels. The digital certificate 125 contains a signature which guarantees the authenticity of the data contained in the certificate. Once authenticated, the application can use the data contained in the certificate according to the transaction being performed. This transaction may include verification (e.g. visual or biometric verification) of a holder of a certificate to confirm that the holder is the person to whom the certificate was issued.

FIG. 2 shows one embodiment of a transaction system 100. System 100 comprises a bus or other communication means 201 for communicating information, and a processing means 202 coupled with bus 201 for processing information. System 100 further comprises a random access memory (RAM) or other volatile storage device 204 (referred to as main memory), coupled to bus 201 for storing information and instructions to be executed by processor 202. Main memory 204 also may be used for storing temporary variables or other intermediate information during execution of instructions by processor 202. System 100 also comprises a read only memory (ROM) and/or other static storage device 206 coupled to bus 201 for storing static information and instructions for processor 202, and a data storage device 207 such as a magnetic disk or optical disk and its corresponding disk drive. Data storage device 207 is coupled to bus 201 for storing information and instructions. System 100 may further be coupled to a display device 221, such as a cathode ray tube (CRT) or liquid crystal display (LCD), coupled to bus 201 for displaying information to a computer user. An alphanumeric input device 222, including alphanumeric and other keys, may also be coupled to bus 201 for communicating information and command selections to processor 202. An additional user input device is cursor control 223, such as a mouse, trackball, stylus, or cursor direction keys, coupled to bus 201 for communicating direction information and command selections to processor 202, and for controlling cursor movement on display 221.

In implemented embodiments, another device which may be coupled to bus 201 includes a serial interface 224. This may be coupled to a certificate input device 226 which can automatically input a certificate such as 125. This type of device may include a magnetic reader, disk drive, card slot or other type of automatic certificate input device.

System 100 may also include a communication device 225 which comprises a means for communicating with other devices. This communication device may also include a means for communicating with other nodes in a network or across telephone lines. In implemented embodiments, this may include a MOdulator/DEModulator (MODEM) for communication between a first system, for example, that providing a digital certificate, and system 100.

System 100 may also include a biometric input device 227 which comprises a means for inputting biometric information (e.g. a fingerprint or retina scan) from a holder of a certificate into system 100. This may allow verification that the holder of the certificate is the person to whom it was issued. Note, also, that any or all of the components of the illustrated system 100 and associated hardware may be used in various embodiments; however, it can be appreciated that any configuration of the system that includes a processor 202 may be used for various purposes according to the particular implementation.

In one embodiment of a transaction system 100, system 100 may be one of the IBM AT-compatible type personal computers such as the Gateway 2000 brand personal computer manufactured by Gateway Computer Systems. Processor 202 may be one of the Pentium brand microprocessors available from Intel Corporation of Santa Clara, Calif. (Pentium and Intel are trademarks of Intel Corporation).

Note that the following discussion of various embodiments discussed herein will refer specifically to a series of routines which are generated in a high-level programming language (e.g., the C or C++ language) and compiled, linked, and then run as object code in system 100 during run-time. It can be appreciated by one skilled in the art, however, that the following methods and apparatus may be implemented in special purpose hardware devices, such as discrete logic devices, large scale integrated circuits (LSI's), application-specific integrated circuits (ASIC's), or other specialized hardware. The description here has equal application to apparatus having similar function.

An extended digital certificate 125 is shown in FIG. 3. An extended digital certificate, which includes the multimedia extensions to be described here, conforms to the X.509 standard as set forth above. Extended certificate 125 includes extended certificate information 300 and a digital signature 302. Signature 302 is a digital signature which is formed by performing a hash function of the extended certificate information 300 and encrypting the result of that hash function with the issuer's private key. Any type of hash function which generates a unique value representing the data may be used, and the specific algorithm used to form the unique value can be identified in the extended information, for example, as set forth below.

A detail of extended information 300 is shown in FIG. 4. Extended information 300 conforms to Recommendation X.509; however, it contains multimedia information (images, video, sound, and/or executable programs) in field 416. The signature 302 shown in FIG. 3 is thus a signature not only of the standard authentication information contained in fields 402-414, but also of field 416 containing multimedia data. Thus, the authentication information is used for authenticating multimedia information instead of providing access to directory services, as in the prior art Recommendation X.509, and as modified by Corrigenda 2 and 3. Thus, although the multimedia extension(s), if any, contained in field 416 may provide stronger authentication of the certificate 125 for directory services than the original X.509 standard, field 416 may be used for any purposes, according to an application's requirements, for example, for use of a credit card for payment during a transaction.
The remaining fields 402-414 correspond with those set forth in Recommendation X.509. Field 402 specifies the version of the certificate, and field 404 is a unique serial number for the certificate. Field 406 specifies a signature algorithm identifier, that is, the hash function and encryption algorithm used for forming the digital signature, and a size of the signature. The name field 408 includes a distinguished name that specifies the issuer of the certificate (e.g. a credit card company, a company issuing an employee identification badge, or a state motor vehicle agency issuing a driver's license). In implemented embodiments of the present invention, for an identification template certificate, the name would include the name, address, social security number, etc. of a person being identified by the certificate. Sufficient information must be present to specifically identify the owner of the certificate.

Validity field 410 includes a date range in which the certificate is valid. This is also used for authentication purposes. If the certificate is examined outside of this date range, it is invalid (e.g. an expired driver's license, passport or credit card). Subject field 412 contains a name which defines the subject's name that differentiates him from other owners (e.g. other credit card holders). Under Recommendation X.509, the field contains the directory name of the directory for which access is desired. In implemented embodiments, it is much broader. The last field 414 is the public key information field which identifies and contains the public key of the encryption algorithm used to sign the certificate. The remainder 416 of the certificate is the data which is contained within the certificate.

Recommendation X.509 is currently lacking in facilities for identification of the owner of a certificate, as well as for its intended use. Implemented embodiments of the present invention address these shortcomings by architecting extensions to the current standard in the area of identification and template types. These specific definitions follow.

CERTIFICATE EXTENSIONS

Several new certificate extensions are set forth in implemented embodiments to allow for more widespread use of certificates. These extensions fall into two categories: extensions used for identification purposes, and miscellaneous extensions which can be used to modify the use of the certificate in ways which have not currently been discovered. The format for all certificate extensions currently follows that found in the X.509 Corrigenda 2 and 3, and Amendment 1.

A detail of an extension field 500, which is a format used by each of the extension(s) in field 416, is shown in FIG. 5. The certificates used in implemented embodiments of the present invention include one or more extensions of the format 500 shown in FIG. 5 in field 416. The extension(s) in field 416, if any, conform to the X.509 Corrigenda 2 and 3. Each extension includes an identifier field 502 which contains a unique value identifying the type of extension contained in the extension data field 506. A criticality flag 504 indicates whether the application reading the certificate must be able to read the extension; if it cannot, the certificate fails the authentication check performed by the certificate application process 110. The extension data then follows the criticality flag in field 506. The extension data is DER (Distinguished Encoding Rules) encoded. The data includes a length field followed by the octets which make up the encoded data.

Pseudocode representing an extension is as follows:

    Extensions ::= SEQUENCE OF Extension
    Extension ::= SEQUENCE
    {
        extnId     EXTENSION.&id({ExtensionSet}),
        critical   BOOLEAN DEFAULT FALSE,
        extnValue  OCTET STRING  -- DER encoding of the data value
    }
    -- EXTENSION is an ASN.1 information object class

IDENTIFICATION EXTENSIONS

The following identification extensions are non-critical extensions.

Logo Extension

The logo extension defines a bitmap image which is used for brand identification. One example of the use of this extension would be for a credit card company, such as VISA or MasterCard, to have its logo stored in this extension for display when the certificate is displayed. It has the following syntax:

    logo EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 30 }
    }
    ImageSyntax ::= SEQUENCE
    {
        algorithm  AlgorithmIdentifier,  -- type of image
        imageData  OCTET STRING          -- binary data for image
    }

Signature Extension

The signature extension is a binary encoded facsimile of a handwritten signature. It may be a scanned copy of a written signature, or the signature may be made on an electronic pad and encoded directly. Regardless, the purpose of this extension is to store the signature in a certificate and compare it with a hand-written signature to verify identity. The syntax uses the same image data as the logo extension, as follows:

    signature EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 31 }
    }

Picture Extension

This extension is meant to contain a picture of the owner of the certificate. It consists of a bitmap image in some standard format. It could be used for a picture of an owner of a certificate for an identification or credit card certificate. It is constructed in the same fashion as the logo and signature extensions.
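The extension format of FIG. 5 and the Extension pseudocode above, worked as an added example in Python (this code is not part of the patent). It encodes and decodes the Extension SEQUENCE (identifier, criticality flag, DER-encoded data with its length field) and the TemplateSyntax SEQUENCE, and it enforces the DER rules that matter when the bytes are what gets signed: lengths must be minimal, and `critical` must be omitted when FALSE and be exactly 0xFF when TRUE. The dotted identifiers follow the text's `{ id-ce N }` numbering with id-ce = 2.5.29; note that in the published X.509 arc 2.5.29.30 through 2.5.29.37 are already assigned to standard extensions (nameConstraints, extKeyUsage, and others), so a real deployment would register its own arc. The sample extensions and the deliberately malformed encoding are constructed for this example.

```python
"""DER codec for the Extension structure of FIG. 5 (identifier 502, criticality
flag 504, DER-encoded data 506) and for TemplateSyntax."""
from typing import List, NamedTuple, Tuple

TAG_BOOLEAN, TAG_INTEGER, TAG_OCTET_STRING, TAG_OID, TAG_SEQUENCE = 0x01, 0x02, 0x04, 0x06, 0x30


class Extension(NamedTuple):
    oid: str        # extnId in dotted form; { id-ce 30 } is "2.5.29.30"
    critical: bool  # criticality flag 504
    value: bytes    # extnValue: the DER encoding of the extension's SYNTAX type


def der_length(n: int) -> bytes:
    """Definite length: short form below 128, minimal long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + der_length(len(body)) + body


def encode_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:                    # base-128, high bit set on all but the last octet
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return tlv(TAG_OID, bytes(out))


def encode_integer(n: int) -> bytes:
    # minimal two's-complement contents octets for a non-negative INTEGER
    return tlv(TAG_INTEGER, n.to_bytes(n.bit_length() // 8 + 1, "big", signed=True))


def encode_extension(ext: Extension) -> bytes:
    body = encode_oid(ext.oid)
    if ext.critical:   # DER: a component equal to its DEFAULT (FALSE) must be omitted
        body += tlv(TAG_BOOLEAN, b"\xff")
    body += tlv(TAG_OCTET_STRING, ext.value)
    return tlv(TAG_SEQUENCE, body)


def encode_extensions(exts: List[Extension]) -> bytes:
    return tlv(TAG_SEQUENCE, b"".join(encode_extension(e) for e in exts))


def encode_template(major: int, minor: int) -> bytes:
    """TemplateSyntax ::= SEQUENCE { major INTEGER, minor INTEGER }"""
    return tlv(TAG_SEQUENCE, encode_integer(major) + encode_integer(minor))


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, contents, end). Rejects BER-only length forms so that two
    parsers cannot disagree about what the signed bytes mean."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    if first < 0x80:
        length = first
    else:
        nbytes = first & 0x7F
        if nbytes == 0 or nbytes > 4:
            raise ValueError("indefinite or oversized length is not DER")
        if nbytes > len(buf) - pos or buf[pos] == 0:
            raise ValueError("truncated or non-minimal length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        if length < 0x80:
            raise ValueError("long form used for a short length")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("contents run past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_oid(contents: bytes) -> str:
    arcs, acc = [contents[0] // 40, contents[0] % 40], 0
    for b in contents[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def decode_extension(der: bytes) -> Extension:
    tag, body, end = read_tlv(der, 0)
    if tag != TAG_SEQUENCE or end != len(der):
        raise ValueError("Extension must be a single SEQUENCE")
    tag, oid, pos = read_tlv(body, 0)
    if tag != TAG_OID:
        raise ValueError("extnId must be an OBJECT IDENTIFIER")
    critical = False
    tag, contents, pos = read_tlv(body, pos)
    if tag == TAG_BOOLEAN:
        if contents != b"\xff":   # FALSE must be absent; TRUE is exactly 0xFF
            raise ValueError("critical must be omitted when FALSE and 0xFF when TRUE")
        critical = True
        tag, contents, pos = read_tlv(body, pos)
    if tag != TAG_OCTET_STRING or pos != len(body):
        raise ValueError("extnValue must be the final OCTET STRING")
    return Extension(decode_oid(oid), critical, contents)


def decode_extensions(der: bytes) -> List[Extension]:
    tag, body, end = read_tlv(der, 0)
    if tag != TAG_SEQUENCE or end != len(der):
        raise ValueError("Extensions must be a single SEQUENCE")
    out, pos = [], 0
    while pos < len(body):
        _, _, nxt = read_tlv(body, pos)
        out.append(decode_extension(body[pos:nxt]))
        pos = nxt
    return out


def decode_template(der: bytes) -> Tuple[int, int]:
    tag, body, _ = read_tlv(der, 0)
    t1, major, pos = read_tlv(body, 0)
    t2, minor, end = read_tlv(body, pos)
    if tag != TAG_SEQUENCE or t1 != TAG_INTEGER or t2 != TAG_INTEGER or end != len(body):
        raise ValueError("TemplateSyntax must be SEQUENCE { INTEGER, INTEGER }")
    return int.from_bytes(major, "big", signed=True), int.from_bytes(minor, "big", signed=True)


def is_der_extension(der: bytes) -> bool:
    try:
        decode_extension(der)
        return True
    except (ValueError, IndexError):
        return False


# Constructed samples (not from the patent): a logo, a critical template extension,
# a 200-byte value that forces long-form lengths, and the logo with 'critical FALSE'
# written out explicitly, which BER permits but DER forbids.
SAMPLE_LOGO = Extension("2.5.29.30", False, tlv(TAG_OCTET_STRING, b"BM\x00logo"))
SAMPLE_TEMPLATE = Extension("2.5.29.41", True, encode_template(1, 2))
SAMPLE_VIDEO = Extension("2.5.29.34", False, bytes(200))
BAD_EXPLICIT_FALSE = bytes.fromhex("30 0f 06 03 55 1d 1e 01 01 00 04 05 04 03 61 62 63")
```

Because signature 302 is computed over the encoded certificate information, a verifier that quietly accepts the BER alternatives (explicit `critical FALSE`, padded lengths) can end up with a different view of the same certificate than a strict one; rejecting them at parse time, as `read_tlv` and `decode_extension` do, keeps every application that checks the certificate in agreement.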
Sound Extension

This extension will allow a certificate to contain an audio clip. It may be used for identification of the owner's voice. It contains an audio clip (e.g. .WAV) in some standard binary format. The format for this extension is as follows:

    audio EXTENSION ::=
    {
        SYNTAX AudioSyntax
        IDENTIFIED BY { id-ce 33 }
    }
    AudioSyntax ::= SEQUENCE
    {
        algorithm  AlgorithmIdentifier,  -- type of clip
        audioData  AudioData             -- binary data for sound clip
    }
    AudioData ::= OCTET STRING

Video Extension

This extension will allow a certificate to contain a video clip. It may be used for identification of the owner's appearance or other information which needs to be stated by the owner. It contains a video clip in some standard binary format. The format for this extension is as follows:

    video EXTENSION ::=
    {
        SYNTAX VideoSyntax
        IDENTIFIED BY { id-ce 34 }
    }
    VideoSyntax ::= SEQUENCE
    {
        algorithm  AlgorithmIdentifier,  -- type of clip
        videoData  VideoData             -- binary data for video clip
    }
    VideoData ::= OCTET STRING

If a certificate contains both an audio and a video extension, they are assumed to be synchronized in time; that is, the algorithms used to create both of them must be able to be synchronized if both the audio and video are started at the same time.

Biometric Extensions

This extension can represent some biometric input which is used for identification purposes. The goal of these formats is to verify that the user of the certificate is really who they say they are. The data stored with the certificate would be compared with that input via some biometric device to validate the user's identity. One possible use of this extension is in security access cards where the user of the card must validate themselves in order to gain entry into a high-security building or room.

Biometric devices come in several forms, each of which represents data in one or more different binary formats. Following is a list of the more popular biometric formats and the type of extension(s) they require. An important consideration regarding biometric devices is that the input data from the user can change over time. That is, a person's fingerprint, hand print, or voice can change over time, eventually rendering the certificate invalid. Note also that the certificate is presented to every system that verifies it, so any biometric template stored in it should be regarded as disclosed to those systems; unlike a key, it cannot be rotated if copied.

Fingerprint

Fingerprints are stored in one of three different formats: image, language, and index plot. Image format is simply a bitmap image which must be visually compared to that stored in a certificate. This data will be stored in the following extension:

    fingerprintImage EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 35 }
    }

The language format is an ASCII representation of the fingerprint after filtering the fingerprint image. This value can then be compared to that stored in the certificate. This data will be stored in the following extension format:

    fingerprintLanguage EXTENSION ::=
    {
        SYNTAX FingerPrintLanguageSyntax
        IDENTIFIED BY { id-ce 36 }
    }
    FingerPrintLanguageSyntax ::= IA5String

The last format for storage of fingerprints is via an index plot of the fingerprint. This plot is also a bitmap representing the print, but is only concerned with certain aspects inherent in the print. This extension is also stored as an image:

    fingerprintIndexPlot EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 37 }
    }

Retina Scan

Retina scans create a bit vector representing the location of blood vessels in the retina of the eye. This relatively short vector generated by a scanning device can be compared to that stored in a certificate for identification purposes. Since the result is simply a bitmap, the following extension syntax is used:

    retinaScan EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 38 }
    }

Voice Print

Voice prints are usually stored as audio files and are processed to compare two samples. Thus the audio extension format is used:

    voicePrint EXTENSION ::=
    {
        SYNTAX AudioSyntax
        IDENTIFIED BY { id-ce 39 }
    }

Hand Geometry

Geometry of the hand is usually stored in an image format. The following extension is defined:
    handGeometry EXTENSION ::=
    {
        SYNTAX ImageSyntax
        IDENTIFIED BY { id-ce 40 }
    }

Dynamic Signature

Dynamic signature data is stored as accelerations sampled during the actual writing of the user's signature. This data will be stored in some binary format for later comparison with that received from the biometric device. It is unclear what exact format this data will take.

MISCELLANEOUS EXTENSIONS

Account Number Extension

This extension is used to store an account number in a certificate. It may not always be possible to use the serial number to store the account number, in the case of revocation and later reinstatement, where the same account number would be used. Hence the serial number cannot be used in this case, as serial numbers must be unique among the certificates of an issuer. The syntax for this extension is as follows:

    accountNumber EXTENSION ::=
    {
        SYNTAX AccountNumberSyntax
        IDENTIFIED BY { id-ce 41 }
    }
    AccountNumberSyntax ::= INTEGER

Executable Code Extension

This extension is reserved for use by applications to execute trusted code contained in the certificate. The extension is simply a sequence of bytes which will be interpreted by the application as an executable. The format is as follows:

    executableCode EXTENSION ::=
    {
        SYNTAX ExecutableCodeSyntax
        IDENTIFIED BY { id-ce 41 }
    }
    ExecutableCodeSyntax ::= OCTET STRING

An application that honours this extension is treating the certificate issuer as a code signer: signature 302 establishes that the bytes came from the issuer, not that they are safe to run, so such code should be executed only for issuers explicitly trusted for that purpose and with no more privilege than the transaction requires.

TEMPLATE EXTENSIONS

A template extension is used to determine which template the certificate follows, that is, which extensions are to be found in the extensions field in a certificate. This extension is located at a well-known place in the extension list (e.g. the first extension) and gives insight into what the certificate is used for and perhaps how to display the certificate to the user. The template types are discussed in detail below. The syntax for this extension is as follows:

    templateExtension EXTENSION ::=
    {
        SYNTAX TemplateSyntax
        IDENTIFIED BY { id-ce 41 }
    }
    TemplateSyntax ::= SEQUENCE
    {
        major  INTEGER,  -- major number of template
        minor  INTEGER   -- minor number of template
    }

Note that, as reproduced here, the accountNumber, executableCode and templateExtension extensions all carry { id-ce 41 }. Since an application selects the handler for an extension by its identifier field 502, each extension type must in practice be assigned a distinct identifier.

An illustration of a template extension 600 is shown in FIG. 6. A template identifier field 602 contains a unique value identifying the extension as a template extension. The template extension is critical; that is, if the application cannot interpret the template, it cannot use the certificate for any purpose other than as a template for the purposes specified in the major and minor type fields 606 and 608. The criticality flag in field 604 is set by default to "yes"; however, it may be set to "no" in some implementations. The template identifier determines which template (if any) the certificate follows.

The template extension is made up of a major and minor type specified in fields 606 and 608. The major type contained in field 606 represents the basic use of the certificate, for example, whether it is used for identification or a credit card. The minor type contained in field 608 represents the exact type of data the certificate stores. For example, a certificate could have the major type of identification and the minor type of driver's license. The major type specifies a certain set of required multimedia extensions (either implicitly or explicitly through some undefined mechanism) which must be used to verify the holder of the certificate. Verification of the holder of the certificate can be performed using any of the multimedia extensions set forth above.

The template extension is placed in a well-defined place in the certificate, in this embodiment, as the first extension in the extensions portion of the extended X.509 certificate. Implicitly, the major and minor type specify the number and types of fields which follow in the extension, and each extension includes an identifier which identifies the specific extension. Thus, required major multimedia extensions 610 follow the specification of the minor type, and required minor multimedia extensions 612 follow the required major multimedia extensions 610. Required major multimedia extensions 610 include data common to all certificates of the major type, and required minor multimedia extensions 612 include data specific to the specified minor type. Lastly, format 600 includes an "other extensions" field 614 which holds other extensions used in the certificate which are not of the required major or minor types.

Following is a list of defined major and minor template types in implemented embodiments of the present invention and a description of each.

IDENTIFICATION TEMPLATE TYPE

This major type of template includes one or more of the identification certificate extensions defined above. This class of template includes the minor types of applications as set forth in Table 1.

TABLE I 

qq Minor Type Extensions and Other Data Required 

driver's license state logo, picture, birth date, height, 

weight, sex, restrictions, ficense 

birth certificate hospital logo, parents' names, birth 

date, hospital name, footprint 
65 social security card SS logo, SS number 

library card library logo, account number 
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Extensions and Other Data Required 


frequent flier card 


airline logo, account number, signature 




of user 


pasipoit 


country logo, picture 


corporate id badge 


corporate logo, id number, picture, 




audio, video 


building access card 


logo 


nr»*f* r '** insurance or 


logo, accoust/poup number 


preaenptioo card 
As is apparent in the above examples, the common element for each of the identification extensions is the logo of the issuing authority. Thus, the required major multimedia extensions for such an extended certificate would include the logo in the required major multimedia extensions field.

An example of an identification template is shown as 700 in FIG. 7. This data will be contained in the extension data field 506 of a template extension. Each of the data fields will have an associated identifier and criticality flag, as set forth above. In this embodiment, the major type contained in field 702 will identify the template as type identification. The minor type, in this instance, contained in field 704, will identify the template as being of type "California driver's license." Thus, the basic use of the template is identification, and the specific instance of identification is a California driver's license.

A logo (the logo of the state, the issuing authority) follows in field 706, for the required major multimedia extensions of this identification template. Subsequent fields in the certificate, in this example, are required minor multimedia extensions. These include: an image of the licensed driver in field 708; a birth date of the driver in field 710; height, weight and sex of the driver in fields 712, 714, and 716; license restrictions contained in field 718; and a license number in field 720. Thus, when authentication of the certificate takes place, the hash function is performed not only on the unextended X.509 portion of the certificate, but also on the extended data 700 shown in FIG. 7. An extension that is not covered by the signed hash could be altered without detection, so the extension data must be included in what the issuer signs.

A certificate thus contains data such as 700 which not only provides stronger (perhaps visual or other manual) authentication of the holder of the certificate, but also provides a container for data which is self-authenticating. That is, it not only allows access checking of directories and associated directory services, but also provides stand-alone features not connected with any such prior art techniques.

A second example of an identification template is shown as 800 in FIG. 8. This extension will be contained in the extension data field 506 of a template extension. The minor type, in this example, contained in field 804, will identify the template as being of type "Birth Certificate." The hospital logo follows in field 806, for the required major multimedia extensions of this identification certificate. The following fields in the extension field are for required minor multimedia extensions. These include: the parents' names in field 808; a birth date of the child in field 810; the hospital name in field 812; an image of the footprint of the infant in field 814; and a signature of the doctor in field 816.

Credit Card Template Type

This type of certificate template includes some identification portions as well as storage for the credit card number itself. An example of this is illustrated as 900 in FIG. 9. The major type specified in field 902 is credit card, and the minor type contained in field 904, in this example, is "Citibank Visa." Fields 906-912 comprise the required major multimedia extensions and specify the credit card number, an image of the user's signature, the issuer's name, and the issuer's logo. The issuer's logo preserves the brand identity associated with the credit card (e.g. Citibank Visa). Other information may also be associated with the certificate, such as credit limit, etc., according to implementation. Minor fields may include those as illustrated in fields 914-920, such as a user's photo, user's password (for stronger authentication), a "member since" field, and an image of the card itself. In alternative implementations, it may also contain a picture of the user and an audio or video clip.

THE CERTIFICATE APPLICATION

The flow of a process of a certificate application 110, which is resident in computer memory during system runtime in a transaction system (e.g. a point-of-sale system), is illustrated in FIG. 10. The certificate is read at step 1002. This may be performed in any number of manners, including, but not limited to, receipt of the certificate over a communication medium, reading of the certificate off magnetic media on a credit/identification card, etc. Authentication of the certificate is then performed at step 1004. This is performed using the specified hash algorithm on the data in the certificate, a decryption technique using the public key of the issuer, and comparing the result against the supplied signature. If the certificate is not authentic, as detected at step 1006, then process 110 proceeds to step 1007, wherein a user may be alerted and the process aborts.

If the certificate is authentic, then process 110 proceeds to step 1008, wherein the extension type is checked. If the examined extension type is not understood by the application program, then the criticality flag is checked at step 1014. If the extension is critical, then the use of the certificate is aborted at step 1018, and the user can be alerted at step 1007, wherein the process ends. If the certificate extension is not critical (e.g. a template extension) then the certificate can be used, if desired by the application, without the extension(s), if any, at step 1016. If the extension is understood by the application, as detected at step 1010, then it can be used at step 1012 with the extension(s). In either event, the process then is complete.

In the event of an extension type which is one of the simple multimedia data types illustrated and discussed above, the application simply checks the type and determines whether it is supported, and if so, can use the extension. If not, the DER length field can be examined, and the extension field(s) can be skipped over, and not used by the application, according to implementation. In the event of a template type, both the major and minor types can be examined, and if either or both are supported and required by the application, it can be used. The details of this are shown in FIG. 11.

Process 1100 shows the details of checking a template's major and minor type. First, at step 1102, the major type is checked. If it is not supported by this application, as detected at step 1104, then, at step 1106, it can be indicated that the certificate is not understood, and the process is complete. If the major type is understood by the application (e.g. an identification type), then it is determined whether the minor type is required at step 1108. For example, for a simple identification procedure with authentication, the validity of the certificate may simply be required to be checked. This would be similar to the standard X.509 authentication procedure. If not, then the certificate is indicated as understood at step 1110, and the process is complete.

Step 1112 checks the minor type in the event that the minor type is required. If understood, as detected at step 1114, then the certificate is indicated as being understood at step 1115, and the process is complete. If not, then the certificate is indicated as not being understood at step 1116, and the process is complete.

FIGS. 12 and 13 illustrate examples of the use of digital certificates with multimedia extensions, as set forth at steps 1012 and 1016. These examples illustrate the processes which may be performed for the checking of the validity of a driver's license, and a credit card for the performance of a transaction, respectively. Process 1200 may be an identification process used with a driver's license, for example. Once authentication of the license via examination of the certificate has taken place, the remaining information contained in the major and minor fields may be displayed to the user. These may include the display of the state logo at step 1202, display of the driver's name at step 1204, the photo of the driver at step 1206, the birth date at step 1208, and any restrictions of the driver at step 1210. This can allow verification of the identity of the holder of the certificate. The validity of the license may also be checked at step 1212, for example, by querying a remote system. If the license is not valid, the user is alerted at step 1216. If it is valid, unless other actions are required to be performed (in which case process 1200 will have additional steps), process 1200 is complete.

Process 1300 shows an example of a credit card transaction application. Step 1302 displays the logo from the certificate. This ensures brand identity, for example, for on-line and point-of-sale transactions wherein no physical "card" or medium is handled by a user. Subsequent thereto, the customer signature can be displayed at step 1304, for verification purposes, and the customer photo, if any, can be displayed at step 1306. Credit of the account is then verified at step 1308, using any known technique, and if sufficient credit does not exist, as detected at step 1310, the user is alerted at step 1312. The process is then complete.

In the event of the requirement of verification of the holder of the credit card certificate, a password may be queried for at step 1314, and if the password is not valid, as detected at step 1316, the user can be alerted at step 1312. If the password is valid, a user abort test is performed at step 1318 and if no abort is detected, the transaction is allowed to proceed, step 1320. In any event, the process is complete. Other steps may be performed within the credit card transaction application process 1300, and steps illustrated may be omitted, according to the specific application, the specific minor type of the credit card, etc.

Thus, in conclusion, a method and apparatus for formatting and using digital certificates containing extensions with multimedia data has been described. The use of certificates, as described above, as containers for data of various multimedia types is especially useful. This is particularly so for verification methods for commercial transactions, such as visual, password, and biometric verification of holders of such certificates. Although the present invention has been described with reference to certain specific embodiments thereof, the present invention should be construed as limited by the appended claims which follow.

What is claimed is:

1. A method of communicating information comprising providing a datum which includes a digital certificate containing data, said digital certificate including an extension which includes:

a. a first identifier which specifies a first classification of said data, the first classification specifies a basic use of said digital certificate;

b. a second identifier which specifies a second classification of said data, the second classification specifies a specific type of said digital certificate; and

c. said data in a format according to said first classification and said second classification, said data indicating an owner of said datum and a use for which said datum is intended.

2. The method of claim 1 wherein said data includes a first portion which is in a first format according to said first classification.

3. The method of claim 2 wherein said data includes a second portion which is in a second format according to said second classification.

4. The method of claim 1 wherein said basic use of said digital certificate includes identification.

5. The method of claim 1 wherein said basic use of said digital certificate includes payment by a credit account.

6. The method of claim 1 wherein said basic use of said digital certificate includes attaching a plurality of data to said certificate.

7. The method of claim 1 wherein said data includes a logo.

8. The method of claim 1 wherein said data includes a signature.

9. The method of claim 1 wherein said data includes a picture.

10. The method of claim 1 wherein said data includes sound.

11. The method of claim 1 wherein said data includes video.

12. The method of claim 1 wherein said data includes biometric information.

13. The method of claim 12 wherein said biometric information includes a fingerprint.

14. The method of claim 12 wherein said biometric information includes a retinal scan.

15. The method of claim 12 wherein said biometric information includes hand geometry information.

16. The method of claim 12 wherein said biometric information includes a fingerprint.

17. A multimedia digital certificate system comprising:

a. a circuit for creating a digital certificate which provides stand-alone authentication, said digital certificate including a certificate authentication field encoded with a private key; and

b. a second circuit for extending said digital certificate to include an extension, said extension including multimedia data.

18. The system of claim 17 wherein said multimedia data includes identification information.

19. The system of claim 17 wherein said multimedia data includes certificate revocation information.

20. The system of claim 17 wherein said extension further includes length information indicating the length of said multimedia data.

21. The system of claim 17 wherein said extension includes type information indicating the type of said multimedia data.

22. The system of claim 18 wherein said identification information includes a logo.

23. The system of claim 18 wherein said identification information includes a signature.

24. The system of claim 18 wherein said identification information includes a picture.

25. The system of claim 18 wherein said identification information includes sound.

26. The system of claim 18 wherein said identification information includes video.
27. The system of claim 18 wherein said identification information includes biometric information.

28. The system of claim 27 wherein said biometric information includes a fingerprint.

29. The system of claim 27 wherein said biometric information includes a retinal scan.

30. The system of claim 27 wherein said biometric information includes hand geometry information.

31. The system of claim 27 wherein said biometric information includes a fingerprint.

32. An apparatus for communicating information comprising a circuit for processing a datum which includes a digital certificate containing data, said digital certificate including an extension which includes:

a. a first identifier which specifies a first classification of said data, the first classification specifies a basic use of said certificate;

b. a second identifier which specifies a second classification of said data, the second classification specifies a specific type of said certificate; and

c. said data in a format according to said first classification and said second classification, said data indicating an owner of said datum and a use for which said datum is intended.

33. The apparatus of claim 32 wherein said data includes a first portion which is in a first format according to said first classification.

34. The apparatus of claim 33 wherein said data includes a second portion which is in a second format according to said second classification.

35. The apparatus of claim 32 wherein said basic use of said certificate includes identification.

36. The apparatus of claim 32 wherein said basic use of said certificate includes payment by a credit account.

37. The method of claim 32 wherein said basic use of said certificate includes attaching a plurality of data to said certificate.

38. The apparatus of claim 32 wherein said data includes a logo.

39. The apparatus of claim 32 wherein said data includes a signature.

40. The apparatus of claim 32 wherein said data includes a picture.

41. The apparatus of claim 32 wherein said data includes sound.

42. The apparatus of claim 32 wherein said data includes video.

43. The apparatus of claim 32 wherein said data includes biometric information.

44. The apparatus of claim 43 wherein said biometric information includes a fingerprint.

45. The apparatus of claim 43 wherein said biometric information includes a retinal scan.

46. The apparatus of claim 43 wherein said biometric information includes hand geometry information.

47. The apparatus of claim 43 wherein said biometric information includes a fingerprint.

***** 
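The parsing and decision logic described under THE CERTIFICATE APPLICATION (FIG. 10 steps 1008-1018 and process 1100 of FIG. 11), as an added example written by the editor in Python; it is not code from the patent. The byte layout (a one-byte type identifier, a one-byte criticality flag, a DER length, then the data; a template's data beginning with a one-byte major type and a two-byte minor type), the type codes and the application's set of supported types are assumptions chosen for illustration, not values from the patent's figures. The sample extensions are constructed inline.

```python
"""Added example, not part of the patent: a minimal encoder/parser for an
extension laid out as the description sketches (type identifier, criticality
flag, DER length, data; template data carries major type, minor type and
nested fields) plus the decision logic of FIG. 10 and FIG. 11.
Type codes, field order and the support set are assumptions."""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Hypothetical identifiers; the patent's figures assign their own values.
TYPE_LOGO, TYPE_PHOTO, TYPE_TEMPLATE, TYPE_FUTURE = 0x10, 0x11, 0x20, 0x7E
MAJOR_IDENTIFICATION, MAJOR_CREDIT_CARD = 1, 2
MINOR_CA_DRIVERS_LICENSE, MINOR_BIRTH_CERTIFICATE = 1, 2


@dataclass
class Extension:
    type_id: int
    critical: bool
    data: bytes

def der_length(n: int) -> bytes:
    """DER length octets: short form below 128, else 0x80|count then big-endian bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def read_der_length(buf: bytes, pos: int) -> Tuple[int, int]:
    """Decode a DER length at pos; reject indefinite, oversized and non-minimal forms."""
    if pos >= len(buf):
        raise ValueError("truncated length")
    first, pos = buf[pos], pos + 1
    if first < 0x80:
        return first, pos
    count = first & 0x7F
    if count == 0 or count > 4 or pos + count > len(buf):
        raise ValueError("bad DER length")
    n = int.from_bytes(buf[pos:pos + count], "big")
    if n < 0x80 or buf[pos] == 0:
        raise ValueError("non-minimal DER length")
    return n, pos + count

def encode_extension(ext: Extension) -> bytes:
    flag = b"\xff" if ext.critical else b"\x00"
    return bytes([ext.type_id]) + flag + der_length(len(ext.data)) + ext.data

def parse_extensions(buf: bytes) -> List[Extension]:
    """Walk the extension sequence; the length field is what lets an unknown one be skipped."""
    out, pos = [], 0
    while pos < len(buf):
        if pos + 2 > len(buf):
            raise ValueError("truncated extension header")
        type_id, flag = buf[pos], buf[pos + 1]
        if flag not in (0x00, 0xFF):
            raise ValueError("bad criticality flag")
        length, pos = read_der_length(buf, pos + 2)
        if pos + length > len(buf):
            raise ValueError("extension length runs past end of buffer")
        out.append(Extension(type_id, flag == 0xFF, buf[pos:pos + length]))
        pos += length
    return out

def encode_template(major: int, minor: int, fields: List[Extension]) -> bytes:
    """Template data: one-byte major type, two-byte minor type, then nested fields."""
    return bytes([major]) + minor.to_bytes(2, "big") + b"".join(map(encode_extension, fields))

def template_understood(data: bytes, supported: Dict[int, Set[int]], minor_required: bool) -> bool:
    """Process 1100: check the major type; check the minor type only when it is required."""
    major, minor = data[0], int.from_bytes(data[1:3], "big")
    if major not in supported:            # steps 1102-1106
        return False
    if not minor_required:                # steps 1108, 1110
        return True
    return minor in supported[major]      # steps 1112-1116

def decide(ext: Extension, simple_types: Set[int], supported: Dict[int, Set[int]],
           minor_required: bool = True) -> str:
    """Steps 1008-1018: 'use', 'skip' (not understood, non-critical) or 'abort'."""
    if ext.type_id == TYPE_TEMPLATE and len(ext.data) >= 3:
        understood = template_understood(ext.data, supported, minor_required)
    else:
        understood = ext.type_id in simple_types
    if understood:
        return "use"
    return "abort" if ext.critical else "skip"

def tbs_digest(unextended_tbs: bytes, extensions: bytes) -> str:
    """The signed hash covers the unextended portion and the extension data together."""
    return hashlib.sha256(unextended_tbs + extensions).hexdigest()

# Constructed sample: a critical California driver's license template plus one
# non-critical extension this application has never seen (long-form length).
LICENSE = Extension(TYPE_TEMPLATE, True, encode_template(
    MAJOR_IDENTIFICATION, MINOR_CA_DRIVERS_LICENSE,
    [Extension(TYPE_LOGO, True, b"<state logo bytes>"),
     Extension(TYPE_PHOTO, False, b"<driver photo bytes>")]))
FUTURE = Extension(TYPE_FUTURE, False, b"x" * 200)
SAMPLE = encode_extension(LICENSE) + encode_extension(FUTURE)
APP_SUPPORT = {MAJOR_IDENTIFICATION: {MINOR_CA_DRIVERS_LICENSE}}

def run_sample() -> List[str]:
    return [decide(e, {TYPE_LOGO, TYPE_PHOTO}, APP_SUPPORT) for e in parse_extensions(SAMPLE)]

if __name__ == "__main__":
    print(run_sample())  # ['use', 'skip']
```

The unknown non-critical extension is skipped purely on the strength of its length field, so the parser validates that field against the remaining buffer and rejects non-minimal encodings before trusting it; the same unknown type marked critical aborts, as step 1018 requires. Because the digest is taken over the unextended portion and the extension bytes together, swapping the logo or photo in a template changes the hash and fails the signature check at step 1004.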